Need help? Ask the community or hire an expert.
Go to Avira Answers
Virus:JS/Dldr.Remora.WB
Date discovered:28/03/2008
Type:Exploit
Subtype:Downloader
In the wild:Yes
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low
Static file:No
File size:~ 1.400 Bytes
IVDF version:7.00.03.88 - Friday, March 28, 2008

 General Method of propagation:
   • No own spreading routine


Side effects:
   • Downloads a malicious file

 Files It tries to download a file:

The location is the following:
   • http://www.google-analytics.com.urchin.js.1traff.cn/**********
It is saved on the local hard drive under: %HOME%\admin.exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: TR/Dldr.Small.hzj

Description inserted by Thomas Wegele on Friday, March 28, 2008
Description updated by Thomas Wegele on Monday, March 31, 2008

Back . . . .